How severe is CVE-2024-46684?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2024-46684?

This is classified as CWE-131, which is a common weakness in software security.

CVE-2024-46684

MEDIUM Year: 2024

CVSS v3 Score

5.5

Medium

Weakness Type

CWE-131

View all →

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: binfmt_elf_fdpic: fix AUXV size calculation when ELF_HWCAP2 is defined create_elf_fdpic_tables() does not correctly account the space for the AUX vector when an architecture has ELF_HWCAP2 defined. Prior to the commit 10e29251be0e ("binfmt_elf_fdpic: fix /proc/<pid>/auxv") it resulted in the last entry of the AUX vector being set to zero, but with that change it results in a kernel BUG. Fix that by adding one to the number of AUXV entries (nitems) when ELF_HWCAP2 is defined.

CVE-2017-14934

MEDIUM

CVSS:5.5(Medium)

process_debug_info in dwarf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite loop) via a ...

CWE-1312017

CVE-2019-5696

MEDIUM

CVSS:5.5(Medium)

NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in which the provision of an incorrectly sized buffer by a guest VM leads to GPU out-of-bound access, which may lead to a denial of s...

CWE-1312019

CVE-2020-14385

MEDIUM

CVSS:5.5(Medium)

A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt....

CWE-1312020

CVE-2021-29521

MEDIUM

CVSS:5.5(Medium)

TensorFlow is an end-to-end open source platform for machine learning. Specifying a negative dense shape in `tf.raw_ops.SparseCountSparseOutput` results in a segmentation fault being thrown out from t...

CWE-1312021

CVE-2021-29542

MEDIUM

CVSS:5.5(Medium)

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow by passing crafted inputs to `tf.raw_ops.StringNGrams`. This is because the implemen...

CWE-1312021

CVE-2021-29545

MEDIUM

CVSS:5.5(Medium)

TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in converting sparse tensors to CSR Sparse matrices. This is becau...

CWE-1312021

CVE-2024-46684

Vulnerability Description

Related Vulnerabilities

CVE-2017-14934

CVE-2019-5696

CVE-2020-14385

CVE-2021-29521

CVE-2021-29542

CVE-2021-29545